Huffington Post serves malverts via parent AOL

UploadsNewsArticle4483613main

Readers of the Canadian edition of the Huffington Post were exposed to a trojan virus through the ad network of AOL, according to the security company Cyphort.

Malicious adverts posted to the news site, which is owned by AOL, were found attempting to redirect users to an exploit kit serving a malicious Flash exploit and piece of VBScript, which in turn downloaded the Kovter trojan.

Nick Bilogorskiy, director of security research at Cyphort, said his firm had reported a rise in "drive-by infection" through so-called malvertising (malicious advertising) last year, and they believed it presented "a significant cybersecurity challenge in 2015".

"Website owners should ask questions about their malvertising protection before signing up with ads syndication networks," he added. "More importantly, website owners should deploy infection monitoring and detection solutions to protect their site visitors from malware infection."

A spokesman from AOL confirmed the incident in a statement, adding that the company had addressed the problem.

"AOL is committed to bringing new levels of transparency to the advertising process, ensuring ads uphold quality standards and create positive consumer experiences," he said.

Bilogorskiy added that hackers had used a mix of HTTP and HTTPS to disguise servers used in the attack, making it difficult for researchers to analyse the campaign because of the secure nature of HTTPS.

Advertising.com and Adtech, both ad networks owned by AOL, was also found to be redirecting to the exploit kit via subdomains in Poland, a method that was previously seen in an attack on YouTube Ads by security firm Trend Micro.

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

Favourites

  • Favorite list is empty.
FavoriteLoadingClear favorites

Your favorite posts saved to your browsers cookies. If you clear cookies also favorite posts will be deleted.